Forum: War Ensemble BBS

FW: Re: Fwd: DNS Misconfiguration on- http://cyberia.net.sa/

From Renters Inquiries@renters.inquiries@assurant.com to Bhangui, Sandeep - BLS CTR via bind-users on Thu Jun 11 22:23:34 2020

From Newsgroup: comp.protocols.dns.bind

--_000_BD50A26D2D1D426BA928C42A7A7FC0E81D6403EF0D23RENTERSINQU_ Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="Windows-1252"

Dear Valued Customer,

Thank you for your inquiry. Please let us know how we may assist you.

If you have a Renter=92s policy, you can manage your policy online 24/7 at:=
https://www.myassurantpolicy.com/

You have access to a range of service options including:

*
View/update policy information
*
Manage your payments
*
Obtain proof of insurance
*
And much more

Thank you for allowing us the opportunity to serve you.

Sincerely,

Insurance Services

Assurant - Global Specialty Operations

------------------- Original Message -------------------
From: Fred Morris
Received: Fri Jun 05 2020 12:17:17 GMT-0400 (Eastern Daylight Time)
To: Bhangui, Sandeep - BLS CTR via bind-users
Subject: Re: Fwd: DNS Misconfiguration on- http://cyberia.net.sa/

Hrmmm... I'm reminded of something else I've seen reported on recently...

On Fri, 5 Jun 2020, Ejaz Ahmed wrote:

localhost.cyberia.net.sa

I don't know if you've been paying attention, but it's been reported that
among others EBay has been port scanning visitor's devices [0]. Having localhost.ebay.com could be handy for them in terms of circumventing some
rules on setting of cookies and the execution of scripts. Not saying
that's what they're doing, heaven forbid.

Any domain you visit could have entries in it which point to e.g.
localhost or nonrouting addresses commonly used for gateways, things like
that.

This is not a DNS problem, it's a problem in what commonly used programs
aid and abet in the name of "freedom of commerce" or something.

--

Fred Morris

--

[0] https://www.bleepingcomputer.com/news/security/ebay-port-scans-visitors-com= puters-for-remote-access-programs/

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscri=
be from this list

ISC funds the development of this software with paid support subscriptions.=
Contact us at https://www.isc.org/contact/ for more information.

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

**********************************************************************
This e-mail message and all attachments transmitted with it may contain leg= ally privileged and/or confidential information intended solely for the use=
of the addressee(s). If the reader of this message is not the intended rec= ipient, you are hereby notified that any reading, dissemination, distributi= on, copying, forwarding or other use of this message or its attachments is = strictly prohibited. If you have received this message in error, please not= ify the sender immediately and delete this message and all copies and backu=
ps thereof. Thank you.

--_000_BD50A26D2D1D426BA928C42A7A7FC0E81D6403EF0D23RENTERSINQU_ Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="Windows-1252"

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-1= 252">
</head>
<body>

<table cellspacing=3D"2" cellpadding=3D"4" width=3D"100%" height=3D"100%"> <tbody>

<td style=3D"background-color:#ffffff;font-family:verdana;font-size:10pt;"> Dear Valued Customer,
 

Thank you for your inquiry. Please let us know how we may assist you. </=

= 

= If you have a Renter= =92s policy, you = can manage your policy online 24/7 at:
<a href=3D"https://www.myassurantpolicy.com/">https://ww= w.myassurantpolicy.com/</a>

You have access to a range of s= ervice options including:

<ul class=3D"Articlesedit_article_div_secEdit RTE_list_style_position">

<div style=3D"color:rgb(0, 0, 0);line-height:normal;font-style:normal;font-= weight:normal;margin-top:0in;margin-bottom:0pt;">
View/update policy information</div> </li><li>
<div style=3D"color:rgb(0, 0, 0);line-height:normal;font-family:"Calib= ri",sans-serif;font-size:11pt;font-style:normal;font-weight:normal;mar= gin-top:0in;margin-bottom:0pt;">
Manage your payments</di=

</li><li>
<div style=3D"color:rgb(0, 0, 0);line-height:normal;font-family:"Calib= ri",sans-serif;font-size:11pt;font-style:normal;font-weight:normal;mar= gin-top:0in;margin-bottom:0pt;">
Obtain proof of insurance</span= ></div>
</li><li>
<div style=3D"color:rgb(0, 0, 0);line-height:normal;font-family:"Calib= ri",sans-serif;font-size:11pt;font-style:normal;font-weight:normal;mar= gin-top:0in;margin-bottom:8pt;">
And much more</div>

</li></ul>
 

Thank you for allowing us the opportunity to serve you.
 

Sincerely,
Insurance Services
Assurant - Global Specialty Operations  
</td>
</tr>
<tr height=3D"100%">
<td> 
</td>
</tr>
</tbody>
</table>
 
<div id=3D"signature" style=3D"font-size: 12px; font-family: Tahoma, Verdan=
a, Arial;">
</div>

 
------------------- Original Message ------------------- 
From: Fred Morris 
Received: Fri Jun 05 2020 12:17:17 GMT-0400 (Eastern Daylight Time)<=

To: Bhangui, Sandeep - BLS CTR via bind-users 
Subject: Re: Fwd: DNS Misconfiguration on- http://cyberia.net.sa/</f= ont> 

<style>
.EmailQuote {
margin-left:1pt;
padding-left:4pt;
border-left:#800000 2px solid;
}
</style>
<div class=3D"PlainText">Hrmmm... I'm reminded of something else I've seen = reported on recently... 

On Fri, 5 Jun 2020, Ejaz Ahmed wrote: 
> localhost.cyberia.net.sa 

I don't know if you've been paying attention, but it's been reported that <=

among others EBay has been port scanning visitor's devices [0]. Having localhost.ebay.com could be handy for them in terms of circumventing some <=

rules on setting of cookies and the execution of scripts. Not saying that's what they're doing, heaven forbid. 

Any domain you visit could have entries in it which point to e.g. localhost or nonrouting addresses commonly used for gateways, things like <=

that. 

This is not a DNS problem, it's a problem in what commonly used programs <b=

aid and abet in the name of "freedom of commerce" or something.<b=

-- 

Fred Morris 

-- 

[0] 
<a href=3D"https://www.bleepingcomputer.com/news/security/ebay-port-scans-v= isitors-computers-for-remote-access-programs/">https://www.bleepingcomputer= .com/news/security/ebay-port-scans-visitors-computers-for-remote-access-pro= grams/</a> 

_______________________________________________ 
Please visit <a href=3D"https://lists.isc.org/mailman/listinfo/bind-users">= https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from t= his list 

ISC funds the development of this software with paid support subscriptions.=
Contact us at
<a href=3D"https://www.isc.org/contact/">https://www.isc.org/contact/</a> f=
or more information. 

bind-users mailing list 
bind-users@lists.isc.org 
<a href=3D"https://lists.isc.org/mailman/listinfo/bind-users">https://lists= .isc.org/mailman/listinfo/bind-users</a> 
</div>


<HR>This e-mail message and all attachments transmitted with it may contain=
legally privileged and/or confidential information intended solely for the=
use of the addressee(s). If the reader of this message is not the intended=
recipient, you are hereby notified that any reading, dissemination, distri= bution, copying, forwarding or other use of this message or its attachments=
is strictly prohibited. If you have received this message in error, please=
notify the sender immediately and delete this message and all copies and b= ackups thereof. Thank you. 
</body>
</html>

--_000_BD50A26D2D1D426BA928C42A7A7FC0E81D6403EF0D23RENTERSINQU_--
--- Synchronet 3.18a-Linux NewsLink 1.113

Who's Online
Recent Visitors
- Bytor
  Tue Apr 16 19:30:43 2024
  from Ri, Ri via Telnet
- Microbot
  Tue Apr 16 05:35:07 2024
  from Moore, Ok via Telnet
- Microbot
  Wed Apr 17 03:53:00 2024
  from Moore, Ok via Telnet
- Microbot
  Thu Apr 18 02:47:50 2024
  from Moore, Ok via Telnet

System Info

Sysop:	DaiTengu
Location:	Appleton, WI
Users:	910
Nodes:	10 (0 / 10)
Uptime:	203:30:48
Calls:	12,116
Calls today:	1
Files:	186,504
Messages:	2,226,449

FW: Re: Fwd: DNS Misconfiguration on- http://cyberia.net.sa/

Who's Online

Recent Visitors

System Info